US20110093883A1 - System, protection method and server for implementing the virtual channel service - Google Patents

System, protection method and server for implementing the virtual channel service Download PDF

Info

Publication number
US20110093883A1
US20110093883A1 US12/346,689 US34668908A US2011093883A1 US 20110093883 A1 US20110093883 A1 US 20110093883A1 US 34668908 A US34668908 A US 34668908A US 2011093883 A1 US2011093883 A1 US 2011093883A1
Authority
US
United States
Prior art keywords
content
key
server
vod
channel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/346,689
Inventor
Chao Sun
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Assigned to HUAWEI TECHNOLOGIES CO., LTD. reassignment HUAWEI TECHNOLOGIES CO., LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SUN, CHAO
Publication of US20110093883A1 publication Critical patent/US20110093883A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/173Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
    • H04N7/17309Transmission or handling of upstream communications
    • H04N7/17318Direct or substantially direct transmission and handling of requests
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/21Server components or server architectures
    • H04N21/222Secondary servers, e.g. proxy server, cable television Head-end
    • H04N21/2221Secondary servers, e.g. proxy server, cable television Head-end being a cable television head-end
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • H04N21/23473Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption by pre-encrypting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/2668Creating a channel for a dedicated end-user group, e.g. insertion of targeted commercials based on end-user profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/47End-user applications
    • H04N21/472End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
    • H04N21/47202End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting content on demand, e.g. video on demand
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/47End-user applications
    • H04N21/472End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
    • H04N21/47208End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting near-video-on-demand content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/64Addressing
    • H04N21/6405Multicasting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence

Definitions

  • the present invention relates to video on-demand (VOD) technologies, and in particular, to a system for implementing the virtual channel service, a protection method, an encryption server and a near VOD (NVOD) server.
  • VOD video on-demand
  • NVOD near VOD
  • NOD Near video on-demand
  • VOD video on-demand
  • IPTV Interactive Personal Television
  • IPTV operators deploy a virtual channel service, which arranges a group of VOD programs in series based on a time sequence and pushes the programs to end users from a same address/port in multicast or broadcast mode.
  • An entitled user terminal can receive video program data after joining the multicast group.
  • the virtual channel service enables an operator to provide richer live channels.
  • a conditional access system (CAS) is adopted in a traditional digital TV system to encrypt programs and control access of authorized users.
  • the CAS is usually composed of an encryption subsystem and an authorization subsystem, where the encryption subsystem protects contents by means of encryption, generates an entitlement control message (ECM) stream for each encrypted program stream and delivers the ECM stream and the program stream together to users; the entitlement subsystem completes entitlement of users who order a program, generates an entitlement management message (EMM) for each user who orders the program and delivers the message to the users.
  • ECM entitlement control message
  • the IPTV system inherits the CAS protection method.
  • a middleware acts as the IPTV control center to implement interactive control, user and service management, delivery of an electronic program guide (EPG), and integration of an operating support system (OSS) or a business support system (BSS).
  • EPG electronic program guide
  • OSS operating support system
  • BSS business support system
  • protection of virtual channel programs includes the following steps:
  • the middleware defines a virtual channel as an NVOD product and requests to create a corresponding product number in the CAS and the CAS maintains a corresponding product key for the NVOD product.
  • the middleware requests the CAS to encrypt all VOD programs that join the virtual channel, and the CAS encrypts the VOD programs by using an encryption key (or the initial word of the encryption key) and generates an ECM, which includes the NVOD product number and information of the encryption key (or the initial word of the encryption key) encrypted by using the product key for the NVOD.
  • the ECM is added to the VOD program packets and the CAS publishes the encrypted VOD program packets to the NVOD server.
  • the NVOD server organizes all VOD programs in the NVOD virtual channel program list into a virtual channel.
  • the NVOD server also publishes encrypted packets of the VOD programs and the ECM to a specified multicast address according to a prearranged time sequence.
  • the middleware requests the CAS to entitle the user terminal to the virtual channel.
  • the CAS generates a corresponding entitlement management message (EMM) for the user terminal
  • EMM includes the product number and product key corresponding to the virtual channel.
  • the set top box When the user watches a program on the virtual channel, the set top box (STB) first joins the multicast group of the virtual channel in the bearer network to receive program packets and the ECM, and after obtaining the ECM for the program, the STB decrypts the encryption information of the corresponding product number in the ECM by using the corresponding NVOD product key so as to obtain the encryption key of virtual channel packets.
  • the STB decrypts the received program packets by using the encryption key (or the initial word of the encryption key) to obtain plain-text packets and send the packets to the player for playing.
  • the terminal must also change the corresponding encryption key, which is complicated to implement. Therefore, the prior conditional access technology generally uses a same encryption key to encrypt all VOD programs multicast on one NVOD virtual channel when an NVOD product is published. As a result, one VOD program needs at least two encryptions, one for unicast of the VOD program and the other for multicast of the virtual channel. If the VOD program joins multiple NVOD virtual channels, there are more encrypted VOD program copies so that a large number of system storage resources are occupied.
  • Embodiments of the invention provide a system for implementing the virtual channel service, a protection method, an encryption server and a near video on-demand (NVOD) server for the purpose of resolving the problem in the prior NVOD virtual channel service that encrypted packets of a video on-demand (VOD) program copy after several encryptions occupy a large number of system storage resources.
  • VOD video on-demand
  • a system for implementing the virtual channel service includes:
  • VOD program content storage server adapted to store video on-demand (VOD) program contents
  • a middleware adapted to control the virtual channel service
  • an encryption server adapted to generate an content key associated with each of the VOD program contents for the each of the VOD program contents in the content storage server according to a virtual channel service control signal sent by the middleware, encrypt content of each of the VOD programs associated with the content key according to the content key, and output an encrypted VOD program content, and adapted to generate a channel key for a virtual channel that multicasts the contents of VOD programs, encrypt the content key by using the channel key, and output encryption information of the content key, and authorize a user terminal that orders the virtual channel to the channel key;
  • VOD server adapted to receive and publish the encrypted VOD program content
  • an NVOD server adapted to receive the encryption information of the content key, obtain the encrypted VOD program content from the VOD server, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • An encryption server includes:
  • a program content obtaining unit adapted to obtain video on-demand (VOD) program contents from a content storage server that stores VOD program contents;
  • a program content encrypting unit adapted to generate an content key associated with each of the obtained VOD program contents for the each of the obtained VOD program contents and encrypt a VOD program content associated with the content key according to the content key;
  • VOD program content publishing unit adapted to publish the encrypted VOD program content generated by the program content encrypting unit to a VOD server
  • a content key encrypting unit adapted to generate a channel key for a virtual channel that multicasts the VOD program contents, encrypt the content key generated by the program content encrypting unit by using the channel key, and generate encryption information of the content key, where the encryption information of the content key includes the encrypted content key and program control information;
  • a channel key entitling unit adapted to entitle a user terminal that orders the virtual channel to the channel key of the virtual channel generated by the content key encrypting unit.
  • the encryption server further includes a first multicast control unit, adapted to obtain the encrypted VOD program content from the VOD server, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • a first multicast control unit adapted to obtain the encrypted VOD program content from the VOD server, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • the encryption server further includes a second multicast control unit, adapted to obtain the encrypted VOD program content from the program content encrypting unit, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • a second multicast control unit adapted to obtain the encrypted VOD program content from the program content encrypting unit, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • An NVOD server includes:
  • an encryption information obtaining unit adapted to obtain encryption information of a content key of a VOD program content from an encryption server
  • VOD program content obtaining unit adapted to obtain an encrypted VOD program content from a VOD server
  • a multicast control unit adapted to multicast the encrypted VOD program content and the encryption information of the content key on a virtual channel.
  • a method for protecting the virtual channel service includes:
  • VOD video on-demand
  • the technical solution provided by embodiments of the invention generates a unique associated content key for each VOD program that needs to be multicast on the virtual channel, encrypts the associated VOD program by using the content key and saves the encrypted packets of the VOD program for multicast on the virtual channel.
  • the solution also generates a channel key for the virtual channel of the VOD program, entitles a user terminal that requests the virtual channel to the channel key, and multicasts the content key encrypted using the channel key while multicasting encrypted packets of the VOD program on the virtual channel.
  • the user terminal that joins the virtual channel decrypts and obtains the content key by using the entitled channel key and then uses the content key to decrypt the encrypted packets of the VOD program.
  • the content key of the VOD program is sent to the entitled user terminal by using the channel key of each virtual channel so as to realize the protection required by the virtual channel service.
  • the method for implementing the virtual channel service provided by embodiments of the invention, it is necessary to perform only one encryption for a VOD program and store the encrypted packets of only one VOD program copy, thus saving storage resources of the system.
  • FIG. 1 shows the structure of a system for implementing the virtual channel service with an encryption server according to an embodiment of the invention
  • FIG. 2 shows the main structure of an encryption server according to an embodiment of the invention
  • FIG. 3 shows the main structure of an NVOD server according to an embodiment of the invention
  • FIG. 4 shows the structure of a system for implementing the virtual channel service with an NVOD server according to an embodiment of the invention.
  • FIG. 5 and FIG. 6 respectively show the main structure of an NVOD server according to two different embodiments of the invention.
  • An embodiment of the invention provides a method for implementing the virtual channel service which encrypts NVOD programs.
  • the method generates a unique associated content key for each VOD program that needs to be multicast on the virtual channel, encrypts the associated VOD program by using the content key, and saves the encrypted contents of the VOD program to generate encrypted packets, and multicasts the encrypted packets on the virtual channel; the method also generates a channel key for the virtual channel that multicasts the VOD program, entitles a user terminal that requests the virtual channel to the channel key, multicasts the encrypted contents of the VOD program on the virtual channel and multicasts the content key that is encrypted using the channel key.
  • a user terminal that joins the virtual channel uses the entitled channel key to decrypt and obtain the content key and uses the content key to decrypt the encrypted VOD program packets received from the multicast group of the virtual channel.
  • the method for implementing the virtual channel service provided by the embodiment of the invention, it is necessary to encrypt a VOD program only once and save the encrypted program contents of only one program copy.
  • the content key of the VOD program is sent to entitled user terminals by using the channel keys of corresponding virtual channels so as to implement protection required by the virtual channel service.
  • a special encryption server may be adopted to generate the keys and realize the encryption and entitlement operations.
  • the encryption server may be placed in a prior digital rights management (DRM) system or functions of the encryption server may be integrated into a server already operating in the DRM system; or functions of the encryption server may be implemented by an NVOD server.
  • DRM digital rights management
  • a system for implementing the virtual channel service includes:
  • a content storage server 10 adapted to store VOD program packets, each VOD program corresponding to a content ID;
  • a middleware 20 adapted to control content encryption, user entitlement, and creation, activation and deactivation of a virtual channel
  • an encryption server 30 placed in a DRM system and adapted to execute encryption, key maintenance and entitlement functions;
  • VOD server 40 adapted to unicast VOD programs, and unicast a VOD program to a user terminal after the user terminal sets up a unicast connection with the VOD server 40 via the Real Time Streaming Protocol (RTSP); and
  • RTSP Real Time Streaming Protocol
  • an NVOD server 51 adapted to multicast VOD programs on a created virtual channel, where a user terminal joins the virtual channel multicast group provided by the NVOD server 51 via RTSP to receive the multicast VOD program packets.
  • the middleware requests the encryption server to encrypt VOD programs that require protection; the encryption server generates and maintains a content ID and a content key pair for each VOD program that requires protection, obtains a VOD program that requires protection from the content storage server and encrypts the VOD program by using the content key, and publishes the encrypted program contents of the VOD program to the VOD server.
  • the middleware creates a virtual channel and assigns a channel identification (channel ID) to the virtual channel, and requests the encryption server to create a virtual channel with the channel ID and generate and maintain the channel ID and the corresponding channel key via an interface between the middleware and the encryption server.
  • channel ID channel identification
  • the procedure where the middleware creates a virtual channel includes the following steps:
  • the middleware assigns a channel ID
  • the middleware sends a virtual channel creation request to the encryption server, the message carrying the channel ID parameter;
  • the encryption server receives the request, assigns a channel key to the channel ID and saves a map between the channel ID and the channel key;
  • the encryption server sends a virtual channel creation success response to the middleware.
  • the middleware requests the encryption server to add a group of VOD programs to the specified virtual channel; the encryption server encrypts the content key of every program in the VOD program group by using the channel key corresponding to the channel ID of the virtual channel to generate channel encryption information and sends the channel encryption information to the middleware.
  • the channel encryption information includes the content key of each VOD program encrypted using the channel key, validity of the channel encryption information (defined by start time and end time), and the access control condition of each VOD program. For example, if the virtual channel group includes four VOD programs, specific contents of the channel encryption information are described in Table 3. For easy extension, the type/length/value (TLV) encoding scheme may be used.
  • TLV type/length/value
  • the middleware sends to the NVOD server a request for activating the specified virtual channel; the activation request includes a list of VOD programs to be cast on the specified virtual channel and the channel encryption information corresponding to the VOD programs.
  • the program list includes related information of all VOD programs to be cast on the virtual channel and schedule information of the VOD programs.
  • the related information of each VOD program includes a content ID, the access address of the description file of the VOD program and the program attribute.
  • the NVOD server sets up connections with the VOD server respectively according to the related information of VOD programs in the VOD program list to obtain the encrypted program contents of each VOD program encrypted by the content key, generates encrypted packets by using the encrypted program contents, and publishes the encrypted packets and the channel encryption information to the multicast group of the virtual channel.
  • the NVOD server When activating the virtual channel, the NVOD server publishes the channel encryption information and the program stream corresponding to each VOD program to the bearer network.
  • the channel encryption information of a VOD program may be published in either of the following methods:
  • RTP Real-time Transport Protocol
  • the NVOD needs to publish the channel control information multicast address and port to a terminal and publish the channel encryption information and the encrypted packets corresponding to VOD program contents together to the bearer network in advance.
  • the terminal needs to obtain the multicast address and port in advance.
  • the NVOD server may first obtain the encrypted program contents of each VOD program and cast the programs one by one according to the NVOD program list in step 5, or the NVOD server may select the next VOD program according to the NVOD program list after one VOD program is finished and then steps 5 and 6 are repeated.
  • the middleware After a user orders the virtual channel from the middleware, the middleware requests the encryption server to entitle the user terminal to the virtual channel.
  • the encryption server generates entitlement information corresponding to the user terminal and sends the entitlement information to the user terminal.
  • the entitlement information includes the channel ID, the virtual channel key, and the access condition of the virtual channel.
  • the user terminal first obtains the multicast address of the control stream and then joins the channel control information multicast group of the virtual channel to receive encryption information of the virtual channel according to the multicast address of the control stream, and queries whether corresponding entitlement information exists by using the channel ID, and if the entitlement information exists, the user terminal decrypts the channel encryption information by using the channel key to obtain the content key of the VOD program.
  • the user terminal receives encrypted packets of the VOD program multicast on the virtual channel, decrypts the encrypted packets by using the content key of the VOD program and then sends the decrypted plain-text packets to a player for playing.
  • the user terminal obtains channel encryption information from each channel program packet, queries whether corresponding entitlement information exists by using the channel ID and if the entitlement information exists, the user terminal decrypts the channel encryption information by using the channel key to obtain the content key of the VOD program.
  • the user terminal decrypts each encrypted packet by using the content key of the VOD program and sends the decrypted plain-text packets to a player for playing.
  • the next channel encryption information is requested from the NVOD server.
  • the middleware initiates a request to the encryption VOD program server; the encryption server encrypts the VOD program, maintains a map between the content ID and the content key of the VOD program, and responds to the middleware with a program encryption result.
  • Creating a The middleware initiates a request to the encryption virtual channel server; the encryption server responds with a virtual channel creation result.
  • Adding a VOD program to a virtual channel Entitlement The middleware requests the encryption server to request entitle the specified user to the virtual channel.
  • the middleware initiates a request to the NVOD virtual channel server; the NVOD server responds with a virtual channel creation result. Activating a The middleware requests the NVOD to start casting virtual channel the virtual channel programs. Deactivating a The middleware requests the NVOD to stop casting virtual channel the virtual channel programs.
  • the terminal obtains the channel encryption encryption information of all VOD channels from the NVOD information server.
  • the keys, encrypted program contents and encryption information are generated by the encryption server.
  • the NVOD server only transports the information without decryption.
  • the information transferred between the NVOD server and the middleware and the VOD server is also encrypted. This satisfies the needs of VOD program protection and assures good security.
  • an encryption server provided by an embodiment of the invention includes:
  • a program content obtaining unit 301 adapted to obtain contents of a VOD program from a VOD content storage server;
  • a program content encrypting unit 302 adapted to generate an associated content key for each VOD program content and encrypt an associated VOD program content according to each content key to generate encrypted packets of the VOD program content;
  • an encryption packets publishing unit 303 adapted to publish the encrypted program content generated by the program content encrypting unit 302 to a VOD server;
  • a content key encrypting unit 304 adapted to generate a channel key for a virtual channel that multicasts the VOD program content and encrypt the content key generated by the program content encrypting unit 302 by using the channel key;
  • a channel key entitling unit 305 adapted to entitle a user terminal that orders the virtual channel to the channel key of the virtual channel generated by the content key encrypting unit 304 .
  • the program content encrypting unit 302 and the content key encrypting unit 304 may be combined.
  • the encryption server may include:
  • an encryption information publishing unit 308 adapted to publish encryption information of the content key generated by the program content encrypting unit 302 to the middleware. If the encryption server and the NVOD server are combined, encryption information may be stored locally and the encryption information publishing unit 308 is not required.
  • an NVOD server provided in an embodiment of the invention includes:
  • an encryption information obtaining unit 511 adapted to obtain encryption information of a content key from an encryption server
  • an encryption packets obtaining unit 512 adapted to obtain an encrypted VOD program content from a VOD server
  • a multicast control unit 513 adapted to multicast the encrypted packets of the VOD program content and the encryption information of the content key on a virtual channel.
  • the VOD server stores the encrypted program contents of only one program copy, thus saving the storage resources of the system.
  • NVOD server is utilized to protect an NVOD virtual channel in detail, where the NVOD server generates keys and executes encryption and entitlement operations.
  • FIG. 4 shows a system for implementing the virtual channel service in an embodiment of the invention, where an NVOD server is adopted to encrypt NVOD programs, which is equivalent to the effect that an encryption server is integrated with the NVOD server.
  • the system includes:
  • a content storage server 10 a middleware 20 and a VOD server 40 , and further includes an NVOD server 52 , where:
  • the NVOD server 52 is adapted to execute encryption, key maintenance and entitlement functions and multicast encrypted packets of VOD programs and encryption information of content keys on a created virtual channel; a terminal device joins the virtual channel multicast group provided by the NVOD server 52 to receive encrypted multicast packets and obtain encryption information of content keys from the NVOD server 52 .
  • the middleware requests the NVOD server to encrypt VOD programs that require protection; the NVOD server generates and maintains a content ID and a content key pair for each VOD program that requires protection, obtains a VOD program that requires protection from the content storage server and encrypts the VOD program by using the content key, and publishes the encrypted program contents of the VOD program to the VOD server.
  • the middleware creates a virtual channel and assigns a channel ID to the virtual channel, and requests the NVOD server to create a virtual channel with the channel ID and maintain the channel ID and the corresponding channel key via an interface between the middleware and the NVOD server.
  • the middleware requests the NVOD server to add a group of VOD programs to the specified virtual channel; the NVOD server encrypts the content key of each program in the VOD program group by using the channel key corresponding to the channel ID of the virtual channel to generate channel encryption information, saves the channel encryption information of the virtual channel and returns a response to the middleware.
  • the middleware sends to the NVOD server a request for activating the specified virtual channel; the activation request includes the channel ID and the list of VOD programs to be cast on the virtual channel.
  • the NVOD server activates the virtual channel and sets up connections with the VOD server respectively according to related information of VOD programs in the VOD program list to obtain encrypted program contents of each VOD program encrypted by the content key.
  • the NVOD server While activating the virtual channel, the NVOD server publishes the encrypted packets and channel encryption information to the multicast group of the virtual channel.
  • the NVOD server may first obtain the encrypted program contents of each VOD program and cast the programs one by one according to the NVOD program list in step 5, or the NVOD server may select the next VOD program according to the NVOD program list after one VOD program is finished and then repeat steps 5 and 6.
  • the middleware requests the NVOD server to entitle the user terminal to the virtual channel.
  • the NVOD server generates entitlement information corresponding to the user terminal and sends the entitlement information to the user terminal
  • the entitlement information includes the channel ID, the virtual channel key, and the access condition of the virtual channel.
  • an appropriate mode is used to obtain the content key of the VOD program content, decrypt the encrypted packets received after joining the multicast group and send the decrypted plain-text packets to a player for playing.
  • the NVOD server may store encrypted program contents of a VOD program locally and after the virtual channel is activated, the NVOD server obtains the encrypted program contents of the VOD program directly from the local storage for multicast.
  • FIG. 5 shows an NVOD server provided in an embodiment of the invention.
  • the NVOD server further includes:
  • a first multicast control unit 306 adapted to obtain encrypted program contents of each VOD program from the VOD server, obtain encryption information of each content key from the content key encrypting unit 304 , and multicast the encrypted packets of VOD program contents and encryption information of content keys on a virtual channel.
  • the NVOD server shown in FIG. 5 does not need to store encrypted program contents of a VOD program locally. Instead, when the virtual channel is activated, the NVOD server obtains encrypted program contents of VOD programs that need to be multicast from the VOD server where encrypted program contents of VOD programs are published.
  • FIG. 6 shows an NVOD server provided in another embodiment of the invention.
  • the NVOD server further includes:
  • a second multicast control unit 307 adapted to obtain encrypted program contents of each VOD program from the program content encrypting unit 302 , obtain encryption information of each content key from the content key encrypting unit 304 , and multicast the encrypted packets of VOD program contents and encryption information of content keys on a virtual channel.
  • the NVOD server shown in FIG. 6 needs to store encrypted program contents of VOD programs locally so as to obtain encrypted program contents of VOD programs that need to be multicast from the local storage after the virtual channel is activated.
  • the technical solution provided by embodiments of the invention generates a unique associated content key for each VOD program that needs to be multicast on a virtual channel, encrypts the associated VOD program by using the content key and saves the encrypted program contents of the VOD program for generating encrypted packets to be multicast on the virtual channel.
  • the solution also generates a channel key for the virtual channel of the VOD program, entitles a user terminal that requests the virtual channel to the channel key, and multicasts the content key encrypted using the channel key while multicasting encrypted packets of the VOD program on the virtual channel.
  • the user terminal that joins the virtual channel decrypts and obtains the content key by using the entitled channel key and then uses the content key to decrypt the encrypted packets of the VOD program.
  • the content key of the VOD program is sent to the entitled user terminal by using the channel key of each virtual channel so as to realize the protection required by the virtual channel service.

Abstract

A system for implementing the virtual channel service generates an content key associated with each of the video on-demand (VOD) program contents for the each VOD program content multicast on a virtual channel, encrypts the VOD program contents by using the content key and multicasts the encrypted VOD program content on the virtual channel; generates a channel key for the virtual channel that multicasts the VOD program content, encrypts the content key and generates encryption information by using the channel key, and authorizes a user terminal that orders the virtual channel to the channel key, and multicasts the encryption information on the virtual channel. The user terminal that joins the virtual channel decrypts and obtains the content key by using the authorized channel key and then uses the content key to decrypt the encrypted content of the VOD program. Hence, it is necessary to encrypt the VOD program content once and store one corresponding encrypted program, thus saving storage resources of the system.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of International Application No. PCT/CN2008/070008, filed on Jan. 2, 2008, which claims priority to Chinese Patent Application No. 200710098159.1, filed with the Chinese Patent Office on Apr. 17, 2007, both of which are hereby incorporated by reference in their entireties.
    • FIELD OF THE INVENTION
  • The present invention relates to video on-demand (VOD) technologies, and in particular, to a system for implementing the virtual channel service, a protection method, an encryption server and a near VOD (NVOD) server.
    • BACKGROUND OF THE INVENTION
  • Near video on-demand (NVOD) was a cable TV service at its birth, where, as a cable TV network is unidirectional, a video server casts a program on multiple channels continuously but the program is started on each channel at a certain interval. A user may select a proper channel to watch the program at a desired progress.
  • As broadband network applications are popular, video on-demand (VOD) service is widely deployed in Internet Protocol Television or Interactive Personal Television (IPTV). With a VOD service, a user is able to specify the start time of a program freely and perform fast forwarding, fast rewinding and locating operations on an ongoing program so that the user can enjoy program contents freely anywhere at any time. VOD occupies a lot of network bandwidth. Each user sets up an independent unicast connection with the media server to receive a video program. Different users cannot share video program data packets transported over the network even though they are using the same service. When there are many users using the same service, network bandwidth resources will be wasted.
  • With reference to the NVOD service on a cable TV network, IPTV operators deploy a virtual channel service, which arranges a group of VOD programs in series based on a time sequence and pushes the programs to end users from a same address/port in multicast or broadcast mode. An entitled user terminal can receive video program data after joining the multicast group. The virtual channel service enables an operator to provide richer live channels.
  • For protection of the NVOD service, a conditional access system (CAS) is adopted in a traditional digital TV system to encrypt programs and control access of authorized users. The CAS is usually composed of an encryption subsystem and an authorization subsystem, where the encryption subsystem protects contents by means of encryption, generates an entitlement control message (ECM) stream for each encrypted program stream and delivers the ECM stream and the program stream together to users; the entitlement subsystem completes entitlement of users who order a program, generates an entitlement management message (EMM) for each user who orders the program and delivers the message to the users.
  • The IPTV system inherits the CAS protection method. A middleware acts as the IPTV control center to implement interactive control, user and service management, delivery of an electronic program guide (EPG), and integration of an operating support system (OSS) or a business support system (BSS).
  • In an IPTV system, protection of virtual channel programs includes the following steps:
  • 1. The middleware defines a virtual channel as an NVOD product and requests to create a corresponding product number in the CAS and the CAS maintains a corresponding product key for the NVOD product.
  • 2. The middleware requests the CAS to encrypt all VOD programs that join the virtual channel, and the CAS encrypts the VOD programs by using an encryption key (or the initial word of the encryption key) and generates an ECM, which includes the NVOD product number and information of the encryption key (or the initial word of the encryption key) encrypted by using the product key for the NVOD. The ECM is added to the VOD program packets and the CAS publishes the encrypted VOD program packets to the NVOD server.
  • 3. The NVOD server organizes all VOD programs in the NVOD virtual channel program list into a virtual channel. The NVOD server also publishes encrypted packets of the VOD programs and the ECM to a specified multicast address according to a prearranged time sequence.
  • 4. After a user orders the virtual channel, the middleware requests the CAS to entitle the user terminal to the virtual channel. The CAS generates a corresponding entitlement management message (EMM) for the user terminal The EMM includes the product number and product key corresponding to the virtual channel.
  • 5. When the user watches a program on the virtual channel, the set top box (STB) first joins the multicast group of the virtual channel in the bearer network to receive program packets and the ECM, and after obtaining the ECM for the program, the STB decrypts the encryption information of the corresponding product number in the ECM by using the corresponding NVOD product key so as to obtain the encryption key of virtual channel packets. The STB decrypts the received program packets by using the encryption key (or the initial word of the encryption key) to obtain plain-text packets and send the packets to the player for playing.
  • If different encryption keys are used for VOD programs that compose a virtual channel, during program switching, the terminal must also change the corresponding encryption key, which is complicated to implement. Therefore, the prior conditional access technology generally uses a same encryption key to encrypt all VOD programs multicast on one NVOD virtual channel when an NVOD product is published. As a result, one VOD program needs at least two encryptions, one for unicast of the VOD program and the other for multicast of the virtual channel. If the VOD program joins multiple NVOD virtual channels, there are more encrypted VOD program copies so that a large number of system storage resources are occupied.
    • SUMMARY OF THE INVENTION
  • Embodiments of the invention provide a system for implementing the virtual channel service, a protection method, an encryption server and a near video on-demand (NVOD) server for the purpose of resolving the problem in the prior NVOD virtual channel service that encrypted packets of a video on-demand (VOD) program copy after several encryptions occupy a large number of system storage resources.
  • For this purpose, embodiments of the invention provide the following technical solution:
  • A system for implementing the virtual channel service includes:
  • a VOD program content storage server, adapted to store video on-demand (VOD) program contents;
  • a middleware, adapted to control the virtual channel service;
  • an encryption server, adapted to generate an content key associated with each of the VOD program contents for the each of the VOD program contents in the content storage server according to a virtual channel service control signal sent by the middleware, encrypt content of each of the VOD programs associated with the content key according to the content key, and output an encrypted VOD program content, and adapted to generate a channel key for a virtual channel that multicasts the contents of VOD programs, encrypt the content key by using the channel key, and output encryption information of the content key, and authorize a user terminal that orders the virtual channel to the channel key;
  • a VOD server, adapted to receive and publish the encrypted VOD program content; and
  • an NVOD server, adapted to receive the encryption information of the content key, obtain the encrypted VOD program content from the VOD server, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • An encryption server includes:
  • a program content obtaining unit, adapted to obtain video on-demand (VOD) program contents from a content storage server that stores VOD program contents;
  • a program content encrypting unit, adapted to generate an content key associated with each of the obtained VOD program contents for the each of the obtained VOD program contents and encrypt a VOD program content associated with the content key according to the content key;
  • a VOD program content publishing unit, adapted to publish the encrypted VOD program content generated by the program content encrypting unit to a VOD server;
  • a content key encrypting unit, adapted to generate a channel key for a virtual channel that multicasts the VOD program contents, encrypt the content key generated by the program content encrypting unit by using the channel key, and generate encryption information of the content key, where the encryption information of the content key includes the encrypted content key and program control information; and
  • a channel key entitling unit, adapted to entitle a user terminal that orders the virtual channel to the channel key of the virtual channel generated by the content key encrypting unit.
  • The encryption server further includes a first multicast control unit, adapted to obtain the encrypted VOD program content from the VOD server, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • Alternatively, the encryption server further includes a second multicast control unit, adapted to obtain the encrypted VOD program content from the program content encrypting unit, obtain the encryption information of the content key from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
  • An NVOD server includes:
  • an encryption information obtaining unit, adapted to obtain encryption information of a content key of a VOD program content from an encryption server;
  • a VOD program content obtaining unit, adapted to obtain an encrypted VOD program content from a VOD server; and
  • a multicast control unit, adapted to multicast the encrypted VOD program content and the encryption information of the content key on a virtual channel.
  • A method for protecting the virtual channel service includes:
  • generating a content key associated with each video on-demand (VOD) program content for the each VOD program content, encrypting the each VOD program content by using the content key associated with the each VOD program content, and multicasting the encrypted VOD program content on a virtual channel; and
  • generating a channel key for the virtual channel, encrypting the content key by using the channel key, and authorizing a user terminal that orders the virtual channel to the channel key, and multicasting encryption information of the content key to the user terminal.
  • The technical solution provided by embodiments of the invention generates a unique associated content key for each VOD program that needs to be multicast on the virtual channel, encrypts the associated VOD program by using the content key and saves the encrypted packets of the VOD program for multicast on the virtual channel. The solution also generates a channel key for the virtual channel of the VOD program, entitles a user terminal that requests the virtual channel to the channel key, and multicasts the content key encrypted using the channel key while multicasting encrypted packets of the VOD program on the virtual channel. Thus, the user terminal that joins the virtual channel decrypts and obtains the content key by using the entitled channel key and then uses the content key to decrypt the encrypted packets of the VOD program. When the VOD program is multicast on different virtual channels, the content key of the VOD program is sent to the entitled user terminal by using the channel key of each virtual channel so as to realize the protection required by the virtual channel service. With the method for implementing the virtual channel service provided by embodiments of the invention, it is necessary to perform only one encryption for a VOD program and store the encrypted packets of only one VOD program copy, thus saving storage resources of the system.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 shows the structure of a system for implementing the virtual channel service with an encryption server according to an embodiment of the invention;
  • FIG. 2 shows the main structure of an encryption server according to an embodiment of the invention;
  • FIG. 3 shows the main structure of an NVOD server according to an embodiment of the invention;
  • FIG. 4 shows the structure of a system for implementing the virtual channel service with an NVOD server according to an embodiment of the invention; and
  • FIG. 5 and FIG. 6 respectively show the main structure of an NVOD server according to two different embodiments of the invention.
    •  DETAILED DESCRIPTION OF THE INVENTION
  • An embodiment of the invention provides a method for implementing the virtual channel service which encrypts NVOD programs. The method generates a unique associated content key for each VOD program that needs to be multicast on the virtual channel, encrypts the associated VOD program by using the content key, and saves the encrypted contents of the VOD program to generate encrypted packets, and multicasts the encrypted packets on the virtual channel; the method also generates a channel key for the virtual channel that multicasts the VOD program, entitles a user terminal that requests the virtual channel to the channel key, multicasts the encrypted contents of the VOD program on the virtual channel and multicasts the content key that is encrypted using the channel key. In this way, a user terminal that joins the virtual channel uses the entitled channel key to decrypt and obtain the content key and uses the content key to decrypt the encrypted VOD program packets received from the multicast group of the virtual channel.
  • With the method for implementing the virtual channel service provided by the embodiment of the invention, it is necessary to encrypt a VOD program only once and save the encrypted program contents of only one program copy. When the VOD program is multicast on different virtual channels, the content key of the VOD program is sent to entitled user terminals by using the channel keys of corresponding virtual channels so as to implement protection required by the virtual channel service.
  • A special encryption server may be adopted to generate the keys and realize the encryption and entitlement operations. The encryption server may be placed in a prior digital rights management (DRM) system or functions of the encryption server may be integrated into a server already operating in the DRM system; or functions of the encryption server may be implemented by an NVOD server. The following description assumes that the encryption server is placed in the DRM system.
  • As shown in FIG. 1, a system for implementing the virtual channel service according to an embodiment of the invention includes:
  • a content storage server 10, adapted to store VOD program packets, each VOD program corresponding to a content ID;
  • a middleware 20, adapted to control content encryption, user entitlement, and creation, activation and deactivation of a virtual channel;
  • an encryption server 30, placed in a DRM system and adapted to execute encryption, key maintenance and entitlement functions;
  • a VOD server 40, adapted to unicast VOD programs, and unicast a VOD program to a user terminal after the user terminal sets up a unicast connection with the VOD server 40 via the Real Time Streaming Protocol (RTSP); and
  • an NVOD server 51, adapted to multicast VOD programs on a created virtual channel, where a user terminal joins the virtual channel multicast group provided by the NVOD server 51 via RTSP to receive the multicast VOD program packets.
  • The following takes the creation and activation of a virtual channel for example to detail the functions of each functional entity:
  • 1. The middleware requests the encryption server to encrypt VOD programs that require protection; the encryption server generates and maintains a content ID and a content key pair for each VOD program that requires protection, obtains a VOD program that requires protection from the content storage server and encrypts the VOD program by using the content key, and publishes the encrypted program contents of the VOD program to the VOD server.
  • The content IDs and content key pairs maintained by the encryption server are shown in Table 1:
  • TABLE 1
    SN Content ID Content Key
    1 Content ID 1 Content key 1
    2 Content ID 2 Content key 2
    . . . . . . . . .
    N Content ID N Content key N
  • 2. The middleware creates a virtual channel and assigns a channel identification (channel ID) to the virtual channel, and requests the encryption server to create a virtual channel with the channel ID and generate and maintain the channel ID and the corresponding channel key via an interface between the middleware and the encryption server.
  • The channel IDs and corresponding channel keys are shown in Table 2:
  • TABLE 2
    SN Channel ID Channel Key
    1 Channel ID 1 Channel key 1
    2 Channel ID 2 Channel key 2
    . . . . . . . . .
    N Channel ID N Channel key N
  • The procedure where the middleware creates a virtual channel includes the following steps:
  • (1) The middleware assigns a channel ID;
  • (2) The middleware sends a virtual channel creation request to the encryption server, the message carrying the channel ID parameter;
  • (3) The encryption server receives the request, assigns a channel key to the channel ID and saves a map between the channel ID and the channel key; and
  • (4) The encryption server sends a virtual channel creation success response to the middleware.
  • 3. The middleware requests the encryption server to add a group of VOD programs to the specified virtual channel; the encryption server encrypts the content key of every program in the VOD program group by using the channel key corresponding to the channel ID of the virtual channel to generate channel encryption information and sends the channel encryption information to the middleware.
  • The channel encryption information includes the content key of each VOD program encrypted using the channel key, validity of the channel encryption information (defined by start time and end time), and the access control condition of each VOD program. For example, if the virtual channel group includes four VOD programs, specific contents of the channel encryption information are described in Table 3. For easy extension, the type/length/value (TLV) encoding scheme may be used.
  • TABLE 3
    Encryption information of the content key of the first VOD
    program encrypted using the channel key (Content Encryption Key 0)
    Encryption information of the content key of the second VOD
    program encrypted using the channel key (Content Encryption Key 1)
    Encryption information of the content key of the third VOD
    program encrypted using the channel key (Content Encryption Key 2)
    Encryption information of the content key of the fourth VOD
    program encrypted using the channel key (Content Encryption Key 3)
    Time when the channel encryption information becomes valid
    (Start Time)
    Time when the channel encryption information becomes invalid
    (End Time)
    Parent Rate Area Code Fingerprint Etc.
    Message Authentication Code (MAC)
  • 4. The middleware sends to the NVOD server a request for activating the specified virtual channel; the activation request includes a list of VOD programs to be cast on the specified virtual channel and the channel encryption information corresponding to the VOD programs.
  • The program list includes related information of all VOD programs to be cast on the virtual channel and schedule information of the VOD programs. The related information of each VOD program includes a content ID, the access address of the description file of the VOD program and the program attribute.
  • 5. After the virtual channel is activated, the NVOD server sets up connections with the VOD server respectively according to the related information of VOD programs in the VOD program list to obtain the encrypted program contents of each VOD program encrypted by the content key, generates encrypted packets by using the encrypted program contents, and publishes the encrypted packets and the channel encryption information to the multicast group of the virtual channel.
  • 6. When activating the virtual channel, the NVOD server publishes the channel encryption information and the program stream corresponding to each VOD program to the bearer network.
  • The channel encryption information of a VOD program may be published in either of the following methods:
  • (1) Sending channel encryption information separately, that is, publishing Real-time Transport Protocol (RTP) packets that carry channel encryption information of a VOD program as a control stream to a specified port of the channel control information multicast address. In this method, the NVOD needs to publish the channel control information multicast address and port to a terminal and publish the channel encryption information and the encrypted packets corresponding to VOD program contents together to the bearer network in advance. The terminal needs to obtain the multicast address and port in advance.
  • (2) Appending the channel encryption information of the specified program to each encrypted packet to form a new channel program packet and publish the new packet to the channel multicast group.
  • The NVOD server may first obtain the encrypted program contents of each VOD program and cast the programs one by one according to the NVOD program list in step 5, or the NVOD server may select the next VOD program according to the NVOD program list after one VOD program is finished and then steps 5 and 6 are repeated.
  • 7. After a user orders the virtual channel from the middleware, the middleware requests the encryption server to entitle the user terminal to the virtual channel. The encryption server generates entitlement information corresponding to the user terminal and sends the entitlement information to the user terminal. The entitlement information includes the channel ID, the virtual channel key, and the access condition of the virtual channel.
  • 8. When the user is watching programs on the virtual channel,
  • corresponding to the first method in which channel encryption information is sent separately:
  • (1) The user terminal first obtains the multicast address of the control stream and then joins the channel control information multicast group of the virtual channel to receive encryption information of the virtual channel according to the multicast address of the control stream, and queries whether corresponding entitlement information exists by using the channel ID, and if the entitlement information exists, the user terminal decrypts the channel encryption information by using the channel key to obtain the content key of the VOD program.
  • (2) The user terminal receives encrypted packets of the VOD program multicast on the virtual channel, decrypts the encrypted packets by using the content key of the VOD program and then sends the decrypted plain-text packets to a player for playing.
  • Corresponding to the second method in which the channel encryption information and encrypted program packets are sent, where the user joins the multicast group of the virtual channel to receive packets of channel programs one by one:
  • (1) The user terminal obtains channel encryption information from each channel program packet, queries whether corresponding entitlement information exists by using the channel ID and if the entitlement information exists, the user terminal decrypts the channel encryption information by using the channel key to obtain the content key of the VOD program.
  • (2) The user terminal decrypts each encrypted packet by using the content key of the VOD program and sends the decrypted plain-text packets to a player for playing.
  • Before the validity of the current channel encryption information expires, the next channel encryption information is requested from the NVOD server.
  • Interfaces described in Table 4 are required between the middleware and the encryption server:
  • TABLE 4
    Interface Description
    Encrypting a The middleware initiates a request to the encryption
    VOD program server; the encryption server encrypts the VOD
    program, maintains a map between the content ID and
    the content key of the VOD program, and responds to
    the middleware with a program encryption result.
    Creating a The middleware initiates a request to the encryption
    virtual channel server; the encryption server responds with a virtual
    channel creation result.
    Adding a VOD
    program to a
    virtual channel
    Entitlement The middleware requests the encryption server to
    request entitle the specified user to the virtual channel.
  • Interfaces described in Table 5 are required between the middleware and the NVOD server:
  • TABLE 5
    Interface Description
    Creating a The middleware initiates a request to the NVOD
    virtual channel server; the NVOD server responds with a virtual
    channel creation result.
    Activating a The middleware requests the NVOD to start casting
    virtual channel the virtual channel programs.
    Deactivating a The middleware requests the NVOD to stop casting
    virtual channel the virtual channel programs.
  • An interface described in Table 6 is required between the NVOD server and the user terminal:
  • TABLE 6
    Interface Description
    Obtaining channel The terminal obtains the channel encryption
    encryption information of all VOD channels from the NVOD
    information server.
  • The keys, encrypted program contents and encryption information are generated by the encryption server. The NVOD server only transports the information without decryption. Moreover, the information transferred between the NVOD server and the middleware and the VOD server is also encrypted. This satisfies the needs of VOD program protection and assures good security.
  • As shown in FIG. 2, an encryption server provided by an embodiment of the invention includes:
  • a program content obtaining unit 301, adapted to obtain contents of a VOD program from a VOD content storage server;
  • a program content encrypting unit 302, adapted to generate an associated content key for each VOD program content and encrypt an associated VOD program content according to each content key to generate encrypted packets of the VOD program content;
  • an encryption packets publishing unit 303, adapted to publish the encrypted program content generated by the program content encrypting unit 302 to a VOD server;
  • a content key encrypting unit 304, adapted to generate a channel key for a virtual channel that multicasts the VOD program content and encrypt the content key generated by the program content encrypting unit 302 by using the channel key; and
  • a channel key entitling unit 305, adapted to entitle a user terminal that orders the virtual channel to the channel key of the virtual channel generated by the content key encrypting unit 304.
  • The program content encrypting unit 302 and the content key encrypting unit 304 may be combined.
  • Further, the encryption server may include:
  • an encryption information publishing unit 308, adapted to publish encryption information of the content key generated by the program content encrypting unit 302 to the middleware. If the encryption server and the NVOD server are combined, encryption information may be stored locally and the encryption information publishing unit 308 is not required.
  • As shown in FIG. 3, an NVOD server provided in an embodiment of the invention includes:
  • an encryption information obtaining unit 511, adapted to obtain encryption information of a content key from an encryption server;
  • an encryption packets obtaining unit 512, adapted to obtain an encrypted VOD program content from a VOD server; and
  • a multicast control unit 513, adapted to multicast the encrypted packets of the VOD program content and the encryption information of the content key on a virtual channel.
  • When an encryption server is adopted to protect IPTV services in embodiments of the invention, the VOD server stores the encrypted program contents of only one program copy, thus saving the storage resources of the system.
  • The following describes how an NVOD server is utilized to protect an NVOD virtual channel in detail, where the NVOD server generates keys and executes encryption and entitlement operations.
  • FIG. 4 shows a system for implementing the virtual channel service in an embodiment of the invention, where an NVOD server is adopted to encrypt NVOD programs, which is equivalent to the effect that an encryption server is integrated with the NVOD server. The system includes:
  • a content storage server 10, a middleware 20 and a VOD server 40, and further includes an NVOD server 52, where:
  • the NVOD server 52 is adapted to execute encryption, key maintenance and entitlement functions and multicast encrypted packets of VOD programs and encryption information of content keys on a created virtual channel; a terminal device joins the virtual channel multicast group provided by the NVOD server 52 to receive encrypted multicast packets and obtain encryption information of content keys from the NVOD server 52.
  • The following takes the creation and activation of a virtual channel for example to detail the functions of each functional entity:
  • 1. The middleware requests the NVOD server to encrypt VOD programs that require protection; the NVOD server generates and maintains a content ID and a content key pair for each VOD program that requires protection, obtains a VOD program that requires protection from the content storage server and encrypts the VOD program by using the content key, and publishes the encrypted program contents of the VOD program to the VOD server.
  • 2. The middleware creates a virtual channel and assigns a channel ID to the virtual channel, and requests the NVOD server to create a virtual channel with the channel ID and maintain the channel ID and the corresponding channel key via an interface between the middleware and the NVOD server.
  • 3. The middleware requests the NVOD server to add a group of VOD programs to the specified virtual channel; the NVOD server encrypts the content key of each program in the VOD program group by using the channel key corresponding to the channel ID of the virtual channel to generate channel encryption information, saves the channel encryption information of the virtual channel and returns a response to the middleware.
  • 4. The middleware sends to the NVOD server a request for activating the specified virtual channel; the activation request includes the channel ID and the list of VOD programs to be cast on the virtual channel.
  • 5. The NVOD server activates the virtual channel and sets up connections with the VOD server respectively according to related information of VOD programs in the VOD program list to obtain encrypted program contents of each VOD program encrypted by the content key.
  • 6. While activating the virtual channel, the NVOD server publishes the encrypted packets and channel encryption information to the multicast group of the virtual channel.
  • There are two methods for publishing the channel encryption information of a VOD program: one is to send channel encryption information separately; the other is to append the channel encryption information of the specified program to each encrypted packet to form a new channel program packet and publish the new packet to the channel multicast group.
  • The NVOD server may first obtain the encrypted program contents of each VOD program and cast the programs one by one according to the NVOD program list in step 5, or the NVOD server may select the next VOD program according to the NVOD program list after one VOD program is finished and then repeat steps 5 and 6.
  • 7. After a user orders the virtual channel, the middleware requests the NVOD server to entitle the user terminal to the virtual channel. The NVOD server generates entitlement information corresponding to the user terminal and sends the entitlement information to the user terminal The entitlement information includes the channel ID, the virtual channel key, and the access condition of the virtual channel.
  • 8. When the user is watching programs on the virtual channel,
  • corresponding to the method for publishing channel encryption information, an appropriate mode is used to obtain the content key of the VOD program content, decrypt the encrypted packets received after joining the multicast group and send the decrypted plain-text packets to a player for playing.
  • In another embodiment of the invention, the NVOD server may store encrypted program contents of a VOD program locally and after the virtual channel is activated, the NVOD server obtains the encrypted program contents of the VOD program directly from the local storage for multicast.
  • FIG. 5 shows an NVOD server provided in an embodiment of the invention. In addition to all the functional units of the encryption server shown in FIG. 3, the NVOD server further includes:
  • a first multicast control unit 306, adapted to obtain encrypted program contents of each VOD program from the VOD server, obtain encryption information of each content key from the content key encrypting unit 304, and multicast the encrypted packets of VOD program contents and encryption information of content keys on a virtual channel.
  • The NVOD server shown in FIG. 5 does not need to store encrypted program contents of a VOD program locally. Instead, when the virtual channel is activated, the NVOD server obtains encrypted program contents of VOD programs that need to be multicast from the VOD server where encrypted program contents of VOD programs are published.
  • FIG. 6 shows an NVOD server provided in another embodiment of the invention. In addition to all the functional units of the encryption server shown in FIG. 3, the NVOD server further includes:
  • a second multicast control unit 307, adapted to obtain encrypted program contents of each VOD program from the program content encrypting unit 302, obtain encryption information of each content key from the content key encrypting unit 304, and multicast the encrypted packets of VOD program contents and encryption information of content keys on a virtual channel.
  • The NVOD server shown in FIG. 6 needs to store encrypted program contents of VOD programs locally so as to obtain encrypted program contents of VOD programs that need to be multicast from the local storage after the virtual channel is activated.
  • To sum up, the technical solution provided by embodiments of the invention generates a unique associated content key for each VOD program that needs to be multicast on a virtual channel, encrypts the associated VOD program by using the content key and saves the encrypted program contents of the VOD program for generating encrypted packets to be multicast on the virtual channel. The solution also generates a channel key for the virtual channel of the VOD program, entitles a user terminal that requests the virtual channel to the channel key, and multicasts the content key encrypted using the channel key while multicasting encrypted packets of the VOD program on the virtual channel. Thus, the user terminal that joins the virtual channel decrypts and obtains the content key by using the entitled channel key and then uses the content key to decrypt the encrypted packets of the VOD program. When the VOD program is multicast on different virtual channels, the content key of the VOD program is sent to the entitled user terminal by using the channel key of each virtual channel so as to realize the protection required by the virtual channel service. With the method for implementing the virtual channel service provided by embodiments of the invention, it is necessary to perform only one encryption for a VOD program and store the encrypted program contents of only one VOD program copy, thus saving storage resources of the system.
  • Although the technical solution of the present invention has been described through exemplary embodiments, the invention is not limited to such embodiments. It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the invention. The invention is intended to cover the modifications and variations provided that they fall in the scope of protection defined by the claims or their equivalents.

Claims (15)

1. A system for implementing the virtual channel service, comprising a content storage server adapted to store video on-demand (VOD) program contents and further comprising:
a middleware, adapted to control the virtual channel service;
an encryption server, adapted to generate an content key associated with each of the VOD program contents for the each of the VOD program contents in the content storage server according to a virtual channel service control signal sent by the middleware, encrypt content of each of the VOD programs associated with the content key according to the content key, and output an encrypted VOD program content, and adapted to generate a channel key for a virtual channel that multicasts the contents of VOD programs, encrypt the content key by using the channel key, and output encryption information of the content key, and authorize a user terminal that orders the virtual channel to the channel key;
a VOD server, adapted to receive and publish the encrypted VOD program content; and
a near video on-demand (NVOD) server, adapted to receive the encryption information of the content key, obtain the encrypted VOD program content from the VOD server, and multicast the encrypted VOD program content and the encryption information of the content key on the virtual channel.
2. The system of claim 1, wherein the encryption server is placed in a digital rights management (DRM) system.
3. The system of claim 2, wherein the middleware is located between the encryption server and the NVOD server; and the DRM system sends the encryption information to the middleware, and the middleware forwards the encryption information to the NVOD server.
4. The system of claim 1, wherein the encryption server and the NVOD server are combined.
5. An encryption server, comprising:
a program content obtaining unit, adapted to obtain video on-demand (VOD) program contents from a content storage server that stores VOD program contents;
a program content encrypting unit, adapted to generate an content key associated with each of the obtained VOD program contents for the each of the obtained VOD program contents and encrypt a VOD program content associated with the content key according to the content key;
a VOD program content publishing unit, adapted to publish the encrypted VOD program content generated by the program content encrypting unit to a VOD server;
a content key encrypting unit, adapted to generate a channel key for a virtual channel that multicasts the VOD program contents, encrypt the content key generated by the program content encrypting unit by using the channel key, and generate encryption information of the content key; and
a channel key entitling unit, adapted to entitle a user terminal that orders the virtual channel to the channel key of the virtual channel generated by the content key encrypting unit.
6. The encryption server of claim 5, further comprising:
a first multicast control unit, adapted to obtain the encrypted VOD program content from the VOD server, obtain the encryption information from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information on the virtual channel.
7. The encryption server of claim 5, further comprising:
a second multicast control unit, adapted to obtain the encrypted VOD program content from the program content encrypting unit, obtain the encryption information from the content key encrypting unit, and multicast the encrypted VOD program content and the encryption information on the virtual channel.
8. The encryption server of claim 6, wherein the encryption server is placed in a near video on-demand (NVOD) server.
9. The encryption server of claim 5, wherein the program content encrypting unit and the content key encrypting unit are combined.
10. A near video on-demand (NVOD) server, comprising:
an encryption information obtaining unit, adapted to obtain encryption information of a content key of a video on-demand (VOD) program content from an encryption server;
a VOD program content obtaining unit, adapted to obtain an encrypted VOD program content from a VOD server; and
a multicast control unit, adapted to multicast the encrypted VOD program content and the encryption information on a virtual channel.
11. A method for protecting the virtual channel service, comprising:
generating a content key associated with each video on-demand (VOD) program content for the each VOD program content, encrypting the each VOD program content by using the content key associated with the each VOD program content, and multicasting the encrypted VOD program content on a virtual channel; and
generating a channel key for the virtual channel, encrypting the content key by using the channel key, and authorizing a user terminal that orders the virtual channel to the channel key, and multicasting encryption information of the content key to the user terminal.
12. The method of claim 11, further comprising:
by the user terminal, decrypting the received encryption information by using the authorized channel key to obtain the content key of the encrypted VOD program content, and decrypting the encrypted VOD program content received after joining the virtual channel multicast group by using the obtained content key.
13. The method of claim 11, wherein the method for multicasting the encryption information of the content key to the user terminal comprises:
multicasting the encryption information of the content key and the encrypted VOD program content together; or
multicasting the encryption information of the content key in a virtual channel control information multicast group.
14. The method of claim 12, wherein the method for multicasting the encryption information of the content key to the user terminal comprises:
multicasting the encryption information of the content key and the encrypted VOD program content together; or
multicasting the encryption information of the content key in a virtual channel control information multicast group.
15. The encryption server of claim 7, wherein the encryption server is placed in a near video on-demand (NVOD) server.
US12/346,689 2007-04-17 2008-12-30 System, protection method and server for implementing the virtual channel service Abandoned US20110093883A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CNB2007100981591A CN100493181C (en) 2007-04-17 2007-04-17 System, protection method and server for realizing the virtual channel service
CN200710098159.1 2007-04-17
PCT/CN2008/070008 WO2008125023A1 (en) 2007-04-17 2008-01-02 A system, protecting method and server of realizing virtual channel service

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/070008 Continuation WO2008125023A1 (en) 2007-04-17 2008-01-02 A system, protecting method and server of realizing virtual channel service

Publications (1)

Publication Number Publication Date
US20110093883A1 true US20110093883A1 (en) 2011-04-21

Family

ID=38731518

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/346,689 Abandoned US20110093883A1 (en) 2007-04-17 2008-12-30 System, protection method and server for implementing the virtual channel service

Country Status (4)

Country Link
US (1) US20110093883A1 (en)
EP (1) EP2034728A4 (en)
CN (1) CN100493181C (en)
WO (1) WO2008125023A1 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120137321A1 (en) * 2010-11-30 2012-05-31 General Instrument Corporation Rights metadata caching by switched digital video multiplexers
US20130182557A1 (en) * 2010-06-30 2013-07-18 Huawei Technologies Co., Ltd. Method, apparatus and system for obtaining key information during fast channel switching
US20130298155A1 (en) * 2012-05-03 2013-11-07 Rawllin International Inc. Video personal identification code for video on demand services
US20140195691A1 (en) * 2011-11-24 2014-07-10 Zte Corporation Method, system and media server for creating multicast channel
US9185094B2 (en) 2012-03-01 2015-11-10 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission and restricted use of media content
US9559845B2 (en) 2012-03-01 2017-01-31 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission of media content
US10382578B2 (en) * 2015-06-05 2019-08-13 Apple Inc. Provision of a lease for streaming content
US10455276B2 (en) * 2013-03-04 2019-10-22 Time Warner Cable Enterprises Llc Methods and apparatus for controlling unauthorized streaming of content
US20200014977A1 (en) * 2015-11-27 2020-01-09 Sony Corporation Information processing apparatus, information processing method, receiving apparatus, and receiving method
US10929402B1 (en) * 2018-08-10 2021-02-23 Amazon Technologies, Inc. Secure join protocol in encrypted databases

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100493181C (en) * 2007-04-17 2009-05-27 华为技术有限公司 System, protection method and server for realizing the virtual channel service
CN102111651A (en) * 2009-12-24 2011-06-29 北京视博数字电视科技有限公司 Method for recording program, method for broadcasting program, front end and terminal equipment
CN101883255A (en) * 2010-06-17 2010-11-10 中兴通讯股份有限公司 Processing system and method thereof for ordering programs in interactive network television
CN104205863B (en) * 2012-03-27 2017-10-27 三菱电机株式会社 Digital broacast receiver and digital broadcast receiving method
CN104602125B (en) * 2013-10-30 2018-02-16 中国科学院声学研究所 A kind of packing and encryption method based on MXF audio-video frequency media files
CN103945236B (en) * 2014-03-31 2017-05-17 广州华多网络科技有限公司 Gathering method and system of on-line live channels
CN107241322A (en) * 2017-05-27 2017-10-10 郑州云海信息技术有限公司 A kind of service end communication management method and system
CN110858835B (en) * 2018-08-24 2022-02-18 中国电信股份有限公司 Communication method, system and related device and computer readable storage medium
CN110611830A (en) * 2019-09-29 2019-12-24 腾讯科技(深圳)有限公司 Video processing method, device, equipment and medium
CN111787361B (en) * 2020-07-13 2022-02-11 安徽云森物联网科技有限公司 RTSP video streaming transmission method, system, equipment and storage medium

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020016919A1 (en) * 1998-08-05 2002-02-07 Hewlett-Packard Company Media content protection utilizing public key cryptography
US20030200548A1 (en) * 2001-12-27 2003-10-23 Paul Baran Method and apparatus for viewer control of digital TV program start time
US20030228018A1 (en) * 2002-06-07 2003-12-11 General Instrument Corporation Seamless switching between multiple pre-encrypted video files
US20040083899A1 (en) * 2000-10-30 2004-05-06 Rolf Nilsson Method and an apparatus for mixing two phases of a food product
US20040120529A1 (en) * 2002-09-23 2004-06-24 International Business Machines Corporation Key distribution in a conditional access system
US6834110B1 (en) * 1999-12-09 2004-12-21 International Business Machines Corporation Multi-tier digital TV programming for content distribution
US20050174958A1 (en) * 2004-02-11 2005-08-11 Phonex Broadband Corporation Method and system for prioritazation and dynamic channel allocation within a communication system
US20060031873A1 (en) * 2004-08-09 2006-02-09 Comcast Cable Holdings, Llc System and method for reduced hierarchy key management
US20070083899A1 (en) * 2003-07-10 2007-04-12 Compton Charles L Distributed and scalable architecture for on demand session and resource manangement
US7305695B1 (en) * 1999-01-20 2007-12-04 Intel Corporation System for providing video on demand with pause feature
US20080313682A1 (en) * 2004-07-27 2008-12-18 Hiroyuki Kajiura Near Video-on-Demand System, Near Video-on-Demand System Control Method, and Program and Recording Medium for the Same

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6073122A (en) * 1997-08-15 2000-06-06 Lucent Technologies Inc. Cryptographic method and apparatus for restricting access to transmitted programming content using extended headers
US20040083177A1 (en) * 2002-10-29 2004-04-29 General Instrument Corporation Method and apparatus for pre-encrypting VOD material with a changing cryptographic key
CN100459697C (en) * 2005-04-05 2009-02-04 华为技术有限公司 IPTV system, enciphered digital programme issuing and watching method
US9338405B2 (en) * 2006-05-04 2016-05-10 Cisco Technology, Inc. Scrambled digital data item
CN100493181C (en) * 2007-04-17 2009-05-27 华为技术有限公司 System, protection method and server for realizing the virtual channel service

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020016919A1 (en) * 1998-08-05 2002-02-07 Hewlett-Packard Company Media content protection utilizing public key cryptography
US7305695B1 (en) * 1999-01-20 2007-12-04 Intel Corporation System for providing video on demand with pause feature
US6834110B1 (en) * 1999-12-09 2004-12-21 International Business Machines Corporation Multi-tier digital TV programming for content distribution
US20040083899A1 (en) * 2000-10-30 2004-05-06 Rolf Nilsson Method and an apparatus for mixing two phases of a food product
US20030200548A1 (en) * 2001-12-27 2003-10-23 Paul Baran Method and apparatus for viewer control of digital TV program start time
US20030228018A1 (en) * 2002-06-07 2003-12-11 General Instrument Corporation Seamless switching between multiple pre-encrypted video files
US20040120529A1 (en) * 2002-09-23 2004-06-24 International Business Machines Corporation Key distribution in a conditional access system
US20070083899A1 (en) * 2003-07-10 2007-04-12 Compton Charles L Distributed and scalable architecture for on demand session and resource manangement
US20050174958A1 (en) * 2004-02-11 2005-08-11 Phonex Broadband Corporation Method and system for prioritazation and dynamic channel allocation within a communication system
US20080313682A1 (en) * 2004-07-27 2008-12-18 Hiroyuki Kajiura Near Video-on-Demand System, Near Video-on-Demand System Control Method, and Program and Recording Medium for the Same
US20060031873A1 (en) * 2004-08-09 2006-02-09 Comcast Cable Holdings, Llc System and method for reduced hierarchy key management

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130182557A1 (en) * 2010-06-30 2013-07-18 Huawei Technologies Co., Ltd. Method, apparatus and system for obtaining key information during fast channel switching
US8995463B2 (en) * 2010-06-30 2015-03-31 Huawei Technologies Co., Ltd. Method, apparatus and system for obtaining key information during fast channel switching
US9083998B2 (en) * 2010-11-30 2015-07-14 Arris Technology, Inc. Rights metadata caching by switched digital video multiplexers
US20120137321A1 (en) * 2010-11-30 2012-05-31 General Instrument Corporation Rights metadata caching by switched digital video multiplexers
US20140195691A1 (en) * 2011-11-24 2014-07-10 Zte Corporation Method, system and media server for creating multicast channel
US9185094B2 (en) 2012-03-01 2015-11-10 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission and restricted use of media content
US9559845B2 (en) 2012-03-01 2017-01-31 Ologn Technologies Ag Systems, methods and apparatuses for the secure transmission of media content
US20130298155A1 (en) * 2012-05-03 2013-11-07 Rawllin International Inc. Video personal identification code for video on demand services
US10455276B2 (en) * 2013-03-04 2019-10-22 Time Warner Cable Enterprises Llc Methods and apparatus for controlling unauthorized streaming of content
US10382578B2 (en) * 2015-06-05 2019-08-13 Apple Inc. Provision of a lease for streaming content
US10979529B2 (en) 2015-06-05 2021-04-13 Apple Inc. Provision of a lease for streaming content
US11956323B2 (en) 2015-06-05 2024-04-09 Apple Inc. Provision of a lease for streaming content
US20200014977A1 (en) * 2015-11-27 2020-01-09 Sony Corporation Information processing apparatus, information processing method, receiving apparatus, and receiving method
US10873783B2 (en) * 2015-11-27 2020-12-22 Sony Corporation Information processing apparatus, information processing method, receiving apparatus, and receiving method
US10929402B1 (en) * 2018-08-10 2021-02-23 Amazon Technologies, Inc. Secure join protocol in encrypted databases

Also Published As

Publication number Publication date
EP2034728A1 (en) 2009-03-11
CN100493181C (en) 2009-05-27
EP2034728A4 (en) 2009-08-12
CN101035255A (en) 2007-09-12
WO2008125023A1 (en) 2008-10-23

Similar Documents

Publication Publication Date Title
US20110093883A1 (en) System, protection method and server for implementing the virtual channel service
KR101354768B1 (en) Digital rights management protection for content identified using a social tv service
EP1371205B1 (en) Initial viewing period for authorization of multimedia content
US20090019468A1 (en) Access control of media services over an open network
US20080063195A1 (en) Method and system for encrypting or decrypting wmv streaming media
WO2007076652A1 (en) User authorization method for use in digital television conditional access system
US20060233368A1 (en) Method for conditional access in a DMTS/DOCSIS enabled set top box environment
WO2006024234A1 (en) Method ano apparatus for protecting broadband video and audio broadcast content
Yang et al. The Simplified and Secure Conditional Access for Interactive TV service in Converged Network
WO2005004391A1 (en) Enforcement of content rights and conditions for multimedia content
JP2002218435A (en) Method and device for video distribution service
Kim et al. Protection of MPEG-2 multicast streaming in IP-TV
AU2001297621A1 (en) Enforcement of rights and conditions for multimedia content
AU2002253848A1 (en) ECM And EMM Distribution for Multimedia Multicast Content
AU2002248283A1 (en) Initial viewing period for authorization of multimedia content
AU2001297985A1 (en) Initial free preview for multimedia multicast content
KR20080069789A (en) Broadcast receiver and method for authentication of copy protection

Legal Events

Date Code Title Description
AS Assignment

Owner name: HUAWEI TECHNOLOGIES CO., LTD., CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SUN, CHAO;REEL/FRAME:022045/0613

Effective date: 20081223

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION